So there are 2 ways to do this
-
Easiest but perhaps not best long term : Add a
removeprocessor to the end of the existing pipeline -
Clone the pipeline and then add the
removeprocessor to your customer pipeline and use that pipeline in the module Here are detailed instructions for that ... but for you instead of all thegrokstuff you would just add theremoveprocessor as the last processor..
So for Number 1)
Go to Kibana - Stack Management - Ingest Pipeline
Find the nginx access pipeline - 1st Clone it for a backup, then Edit the original pipeline
at the bottom of the normal processors add a remove processor and list the fields you want to remove... IMPORTANT don't forget to save the processor and pipeline
Let us know how it works...